Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/i18vXq1Y-W49B9gQGGLwP57yuWE.roa
File: i18vXq1Y-W49B9gQGGLwP57yuWE.roa (raw, json)
Hash identifier: 80elw1gOQ85l6hy1ay1W+01wvg3BsePh23P5VfkNSPU=
Subject key identifier: 8B:5F:2F:5E:AD:58:F9:6E:3D:07:D8:10:18:62:F0:3F:9E:F2:B9:61
Certificate issuer: /CN=1daf46a40c246d6540d992c321b1cc3623d65995
Certificate serial: 01857169A2ED8062F10A4B9F09B427214A8F
Authority key identifier: 1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/i18vXq1Y-W49B9gQGGLwP57yuWE.roa
Signing time: Mon 02 Jan 2023 07:37:06 +0000
ROA not before: Mon 02 Jan 2023 07:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62370
IP address blocks: 77.95.224.0/21 maxlen: 21
185.62.56.0/22 maxlen: 22
89.207.128.0/21 maxlen: 21
193.33.60.0/23 maxlen: 23
37.148.160.0/21 maxlen: 21
5.104.224.0/21 maxlen: 21
128.204.192.0/20 maxlen: 20
78.41.200.0/21 maxlen: 21
193.34.166.0/23 maxlen: 23
195.20.204.0/23 maxlen: 23
2a00:7b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:a2:ed:80:62:f1:0a:4b:9f:09:b4:27:21:4a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1daf46a40c246d6540d992c321b1cc3623d65995
Validity
Not Before: Jan 2 07:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b5f2f5ead58f96e3d07d8101862f03f9ef2b961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b0:72:48:68:dd:46:a4:a4:91:4c:4e:b9:a0:
29:ee:41:66:32:9c:85:f0:2f:31:0d:87:9b:d0:17:
65:0a:31:6a:93:c9:98:a9:4c:cf:8f:f8:48:ac:c0:
be:c9:f7:1e:f8:53:5d:da:f6:06:b9:26:43:47:fe:
04:86:ce:3c:f5:89:1d:7a:3f:94:e2:00:d8:51:95:
1f:5e:fb:69:15:4c:cb:46:d0:66:07:14:25:c3:15:
fb:3a:32:99:ae:56:b6:2c:48:a8:89:d0:5b:82:e4:
e8:07:9e:38:58:13:cc:cf:2d:b2:fd:a6:d9:45:09:
b3:81:f5:7f:9e:f6:d7:93:2e:5a:ce:ca:e8:df:1e:
10:a7:05:de:d6:fc:9a:59:37:af:d9:68:cd:df:4a:
08:1b:29:17:dd:9e:3a:ff:8a:4f:21:cd:61:07:4a:
7b:3d:84:ab:3a:0f:8d:4c:53:ae:c8:37:93:82:b3:
f2:47:b0:ea:fd:75:72:1b:2d:bc:9a:c9:91:12:e3:
1f:ea:ef:62:76:a5:a8:44:c7:e3:7e:1d:82:cc:7a:
be:1c:20:47:cf:ba:8a:8e:bf:f4:3d:46:a1:40:9a:
14:7f:77:f2:2f:1a:a1:69:c2:4b:e3:74:31:ef:ec:
c2:ba:13:3d:bc:fd:9f:dc:06:e7:86:b7:3e:b0:71:
cb:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5F:2F:5E:AD:58:F9:6E:3D:07:D8:10:18:62:F0:3F:9E:F2:B9:61
X509v3 Authority Key Identifier:
keyid:1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/i18vXq1Y-W49B9gQGGLwP57yuWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.224.0/21
37.148.160.0/21
77.95.224.0/21
78.41.200.0/21
89.207.128.0/21
128.204.192.0/20
185.62.56.0/22
193.33.60.0/23
193.34.166.0/23
195.20.204.0/23
IPv6:
2a00:7b80::/32
Signature Algorithm: sha256WithRSAEncryption
a5:1c:b4:f2:91:7a:38:ac:74:b3:85:fb:08:36:a1:e3:c3:1e:
61:4f:2f:14:7e:f4:96:e2:f0:d6:12:a4:07:56:f6:a2:ec:0d:
35:6a:6c:56:0f:33:00:17:c6:ce:f9:c2:03:78:4c:02:74:3f:
5c:bd:b0:a1:c8:fc:de:7e:ac:05:6c:89:38:ac:ab:89:d2:79:
e4:d1:cb:46:b4:fa:4a:46:22:47:07:b6:6f:10:82:d4:73:73:
8c:12:93:68:20:d2:27:72:80:0b:dd:f2:44:0e:94:be:d7:84:
55:61:1f:df:10:45:dd:d5:56:7c:cf:57:af:22:03:36:c6:55:
a1:c1:c8:47:a0:6c:2c:72:6d:d3:89:63:d7:cc:c6:30:cb:c2:
63:1a:4d:3b:6d:11:8c:ed:16:5d:86:e3:5b:a8:00:ed:46:b6:
77:85:be:ae:4a:32:71:1e:f8:b9:33:d2:50:b5:85:b3:71:f1:
31:ea:88:19:d1:b2:14:91:50:c8:36:64:7b:7c:f4:7c:3f:3a:
68:db:18:a6:39:1d:53:92:7e:22:d3:64:10:23:20:aa:25:09:
d0:d7:7d:c0:c7:b4:b6:a6:a6:62:dc:e3:ac:39:00:e4:f8:9f:
67:db:58:3d:b4:87:28:49:0d:7c:5f:f4:7c:58:2d:0f:4f:27:
6b:e1:75:09
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVxaaLtgGLxCkufCbQnIUqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYWY0NmE0MGMyNDZkNjU0MGQ5OTJjMzIxYjFjYzM2MjNk
NjU5OTUwHhcNMjMwMTAyMDczNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjVmMmY1ZWFkNThmOTZlM2QwN2Q4MTAxODYyZjAzZjllZjJiOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbBySGjdRqSkkUxOuaAp7kFmMpyF
8C8xDYeb0BdlCjFqk8mYqUzPj/hIrMC+yfce+FNd2vYGuSZDR/4Ehs489Ykdej+U
4gDYUZUfXvtpFUzLRtBmBxQlwxX7OjKZrla2LEioidBbguToB544WBPMzy2y/abZ
RQmzgfV/nvbXky5azsro3x4QpwXe1vyaWTev2WjN30oIGykX3Z46/4pPIc1hB0p7
PYSrOg+NTFOuyDeTgrPyR7Dq/XVyGy28msmREuMf6u9idqWoRMfjfh2CzHq+HCBH
z7qKjr/0PUahQJoUf3fyLxqhacJL43Qx7+zCuhM9vP2f3Abnhrc+sHHLBwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFItfL16tWPluPQfYEBhi8D+e8rlhMB8GA1UdIwQY
MBaAFB2vRqQMJG1lQNmSwyGxzDYj1lmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGE5R3BBd2tiV1ZBMlpMREliSE1OaVBXV1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80NGMwZWYtNWRhNi00ZmYyLWI1ZWYt
NzlmMDQ4YmQyYTdhLzEvaTE4dlhxMVktVzQ5QjlnUUdHTHdQNTd5dVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS80NGMwZWYtNWRhNi00ZmYyLWI1ZWYtNzlmMDQ4YmQyYTdh
LzEvSGE5R3BBd2tiV1ZBMlpMREliSE1OaVBXV1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBWjgAwQD
JZSgAwQDTV/gAwQDTinIAwQDWc+AAwQEgMzAAwQCuT44AwQBwSE8AwQBwSKmAwQB
wxTMMA0EAgACMAcDBQAqAHuAMA0GCSqGSIb3DQEBCwUAA4IBAQClHLTykXo4rHSz
hfsINqHjwx5hTy8UfvSW4vDWEqQHVvai7A01amxWDzMAF8bO+cIDeEwCdD9cvbCh
yPzefqwFbIk4rKuJ0nnk0ctGtPpKRiJHB7ZvEILUc3OMEpNoINIncoAL3fJEDpS+
14RVYR/fEEXd1VZ8z1evIgM2xlWhwchHoGwscm3TiWPXzMYwy8JjGk07bRGM7RZd
huNbqADtRrZ3hb6uSjJxHvi5M9JQtYWzcfEx6ogZ0bIUkVDINmR7fPR8Pzpo2xim
OR1Tkn4i02QQIyCqJQnQ133Ax7S2pqZi3OOsOQDk+J9n21g9tIcoSQ18X/R8WC0P
Tydr4XUJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org